Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa
File:                     USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa (raw, json)
Hash identifier:          rYcvR45gztdgTjrFLAUTrj+3T6dDm1wWFyZUivL/lkQ=
Subject key identifier:   51:2C:96:D0:EF:FA:7D:C0:4F:D9:B1:74:3E:81:D5:D1:12:FA:F9:8F
Certificate issuer:       /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial:       01941F8C16E774BD1BA07FA224752E174FCC
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa
Signing time:             Wed 01 Jan 2025 01:47:42 +0000
ROA not before:           Wed 01 Jan 2025 01:47:42 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     210756
IP address blocks:        2a03:90c0:b0::/44 maxlen: 44

Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:94:1f:8c:16:e7:74:bd:1b:a0:7f:a2:24:75:2e:17:4f:cc
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
        Validity
            Not Before: Jan  1 01:47:42 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=512c96d0effa7dc04fd9b1743e81d5d112faf98f
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:9b:3a:d0:ec:d4:16:e9:a1:60:a2:b5:29:d5:ba:
                    b8:be:f0:35:9e:cb:78:0d:ea:75:68:85:96:07:09:
                    64:61:20:e3:4e:ae:89:fd:bb:b6:73:0c:46:4c:04:
                    ec:07:e1:31:dd:61:2d:1c:34:48:2d:48:f9:fb:26:
                    8d:05:42:f6:e6:df:6c:79:37:40:37:ff:15:83:ed:
                    a5:a2:2b:bf:ff:4e:0b:3a:f2:41:75:06:72:df:9c:
                    bb:49:aa:d7:31:cb:6e:1a:82:32:48:1f:b3:07:83:
                    2a:8c:85:02:93:e5:97:b1:17:65:ae:2a:ca:53:9f:
                    3a:68:d5:dc:bb:7a:12:66:03:fe:63:b2:9d:dc:80:
                    88:02:8a:96:95:03:88:7a:21:92:73:b2:8d:c9:b2:
                    22:91:aa:06:d1:a0:39:f3:15:88:bf:59:d6:25:b7:
                    b8:2f:50:df:79:28:31:69:21:9e:a9:79:c6:f5:41:
                    53:8e:82:e8:38:f6:44:48:94:49:33:98:34:ba:44:
                    33:13:29:4e:8d:71:49:79:51:36:3d:c5:d5:c6:c7:
                    90:d9:6d:97:cd:b7:18:35:4a:82:a1:0c:e3:41:0f:
                    0c:9e:34:d0:0e:89:3c:cf:99:57:ea:f2:9a:75:9d:
                    c7:d0:e8:96:b6:61:51:24:81:2a:62:2a:0b:08:8c:
                    e0:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                51:2C:96:D0:EF:FA:7D:C0:4F:D9:B1:74:3E:81:D5:D1:12:FA:F9:8F
            X509v3 Authority Key Identifier:
                keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/USyW0O_6fcBP2bF0PoHV0RL6-Y8.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2a03:90c0:b0::/44

    Signature Algorithm: sha256WithRSAEncryption
         ba:34:a7:de:68:d2:5c:9a:5d:1b:23:d5:e1:58:ef:2f:a6:5c:
         5b:63:dc:e3:50:ec:76:4a:05:9a:28:a3:78:37:cf:69:2b:5d:
         cf:18:7c:46:57:7c:d8:7d:c5:02:1a:8d:59:40:97:68:c2:0e:
         5f:dd:e3:4b:50:ba:c6:8c:c8:c3:d2:c9:4c:73:4f:71:9a:98:
         3b:20:54:0d:e0:e7:f6:f6:f2:79:bf:2d:01:c5:39:f7:a9:b6:
         6a:9f:e2:15:23:4c:45:1a:4d:5e:f2:dc:42:18:c4:64:d5:e1:
         a6:49:48:b8:81:0f:20:fa:5e:4a:da:ca:fc:90:51:ac:da:66:
         f8:4b:b6:ba:56:b6:aa:bf:df:2b:88:b7:a1:b9:2d:09:1c:11:
         09:35:54:f2:b7:98:be:58:29:47:de:64:38:b0:f2:2e:56:e4:
         af:f1:64:49:ed:c8:9f:12:0c:24:f9:70:3b:8d:99:27:bb:1d:
         47:a4:b2:5a:bf:b9:f0:df:de:9c:49:23:d0:ab:be:e5:b0:9d:
         32:e6:84:36:56:6f:6c:2e:ca:68:44:6c:88:4f:5b:64:fb:dc:
         05:fc:f7:b1:51:b1:89:6d:66:be:1e:e9:76:b3:1f:51:41:f2:
         14:f8:f8:e0:38:49:97:e1:ef:41:b2:bb:6c:0e:e3:e7:ac:92:
         10:c5:1e:d2
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQfjBbndL0boH+iJHUuF0/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwMTAxMDE0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MTJjOTZkMGVmZmE3ZGMwNGZkOWIxNzQzZTgxZDVkMTEyZmFmOThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmzrQ7NQW6aFgorUp1bq4vvA1nst4
Dep1aIWWBwlkYSDjTq6J/bu2cwxGTATsB+Ex3WEtHDRILUj5+yaNBUL25t9seTdA
N/8Vg+2loiu//04LOvJBdQZy35y7SarXMctuGoIySB+zB4MqjIUCk+WXsRdlrirK
U586aNXcu3oSZgP+Y7Kd3ICIAoqWlQOIeiGSc7KNybIikaoG0aA58xWIv1nWJbe4
L1DfeSgxaSGeqXnG9UFTjoLoOPZESJRJM5g0ukQzEylOjXFJeVE2PcXVxseQ2W2X
zbcYNUqCoQzjQQ8MnjTQDok8z5lX6vKadZ3H0OiWtmFRJIEqYioLCIzgSQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFEsltDv+n3AT9mxdD6B1dES+vmPMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvVVN5VzBPXzZmY0JQMmJGMFBvSFYwUkw2LVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgOQwACw
MA0GCSqGSIb3DQEBCwUAA4IBAQC6NKfeaNJcml0bI9XhWO8vplxbY9zjUOx2SgWa
KKN4N89pK13PGHxGV3zYfcUCGo1ZQJdowg5f3eNLULrGjMjD0slMc09xmpg7IFQN
4Of29vJ5vy0BxTn3qbZqn+IVI0xFGk1e8txCGMRk1eGmSUi4gQ8g+l5K2sr8kFGs
2mb4S7a6Vraqv98riLehuS0JHBEJNVTyt5i+WClH3mQ4sPIuVuSv8WRJ7cifEgwk
+XA7jZknux1HpLJav7nw396cSSPQq77lsJ0y5oQ2Vm9sLspoRGyIT1tk+9wF/Pex
UbGJbWa+Hul2sx9RQfIU+PjgOEmX4e9BsrtsDuPnrJIQxR7S
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:34 2025 by rpki-client on console.sobornost.net